import { _ as __awaiter, a as __generator } from './_tslib-ca2dd4fc.js';
import { secretbox, randomBytes, hash, box } from 'tweetnacl';
import { encodeBase64, decodeUTF8, decodeBase64, encodeUTF8 } from 'tweetnacl-util';
// just a helper for a constant :)
var keyLength = secretbox.keyLength;
// todo: https://github.com/dchest/tweetnacl-js/wiki/Using-with-Webpack
/**
* @category crypto
* @namespace
*/
var crypto = {
/**
* @name nonce
* @category crypto
* @memberof crypto
* @returns {object}
* @function
*/
nonce: function () {
return randomBytes(secretbox.nonceLength);
},
/**
* @name hash
* @category crypto
* @memberof crypto
* @param {*} input
* @returns {string}
* @function
*/
hash: function (input) {
return encodeBase64(hash(decodeUTF8(input))).slice(0, 44);
},
/**
* @name secretBox
* @category crypto
* @description Make a public key / private key box
* @namespace
* @memberof crypto
* @example
* ```
* const key = generateKey()
* const obj = { "hello": "world" }
* const encrypted = crypto.nacl.secretBox.encrypt(obj, key)
* const decrypted = crypto.nacl.secretBox.decrypt(encrypted, key)
* console.log(decrypted, obj) // should be shallow equal
* ```
*/
secretBox: {
/**
* @name keyGen
* @category crypto
* @memberof crypto.secretBox
* @param {*} input
* @function
*/
keyGen: function (input) {
input = input || randomBytes(secretbox.keyLength);
return encodeBase64(input);
},
/**
* @name encrypt
* @category crypto
* @memberof crypto.secretBox
* @param {object} json
* @param {string} key
* @throws {Error}
* @returns {string}
* @function
*/
encrypt: function (_a) {
var _b = _a === void 0 ? {} : _a, json = _b.json, key = _b.key;
return __awaiter(this, void 0, void 0, function () {
var keyUint8Array, nonce, messageUint8, box, fullMessage, base64FullMessage;
return __generator(this, function (_c) {
if (!key) {
throw new Error('[CryptoPrimitive] - missing key');
}
try {
keyUint8Array = decodeBase64(key);
}
catch (err) {
throw new Error('[CryptoPrimitive] - key wrong type');
}
nonce = crypto.nonce();
messageUint8 = decodeUTF8(JSON.stringify(json));
box = secretbox(messageUint8, nonce, keyUint8Array);
fullMessage = new Uint8Array(nonce.length + box.length);
fullMessage.set(nonce);
fullMessage.set(box, nonce.length);
base64FullMessage = encodeBase64(fullMessage);
return [2 /*return*/, base64FullMessage];
});
});
},
/*
encrypt__TEST_DO_NOT_USE_IN_PRODUCTION: async function ({ json, key, nonce }) {
if (!key) key = encodeBase64(randomBytes(secretbox.keyLength))
const keyUint8Array = decodeBase64(key)
const messageUint8 = decodeUTF8(JSON.stringify(json))
const box = secretbox(messageUint8, nonce, keyUint8Array)
const fullMessage = new Uint8Array(nonce.length + box.length)
fullMessage.set(nonce)
fullMessage.set(box, nonce.length)
const base64FullMessage = encodeBase64(fullMessage)
return base64FullMessage
},
*/
/**
* @name decrypt
* @category crypto
* @memberof crypto.secretBox
* @param {string} msg
* @param {string} key
* @throws {error} - Could not decrypt message
* @returns {object}
* @function
*/
decrypt: function (_a) {
var _b = _a === void 0 ? {} : _a, msg = _b.msg, key = _b.key;
return __awaiter(this, void 0, void 0, function () {
var keyUint8Array, messageWithNonceAsUint8Array, nonce, message, decrypted, base64DecryptedMessage;
return __generator(this, function (_c) {
keyUint8Array = decodeBase64(key);
messageWithNonceAsUint8Array = decodeBase64(msg);
nonce = messageWithNonceAsUint8Array.slice(0, secretbox.nonceLength);
message = messageWithNonceAsUint8Array.slice(secretbox.nonceLength, msg.length);
decrypted = secretbox.open(message, nonce, keyUint8Array);
if (!decrypted) {
throw new Error('Could not decrypt message');
}
base64DecryptedMessage = encodeUTF8(decrypted);
// this is potentially dangerous, because we are
// deflating JSON that might be executable
// todo: we need to handle exceptions here
return [2 /*return*/, JSON.parse(base64DecryptedMessage)];
});
});
}
},
// todo: fix, test and validate
/**
* @name box
* @category crypto
* @namespace
* @memberof crypto
* @description Make a public key / private key box
* @example
* ```
* const obj = { hello: 'world' };
* const pairA = crypto.nacl.box.generateKeyPair();
* const pairB = gcrypto.nacl.box.enerateKeyPair();
* const sharedA = box.before(pairB.publicKey, pairA.secretKey);
* const sharedB = box.before(pairA.publicKey, pairB.secretKey);
* const encrypted = crypto.nacl.box.encrypt(sharedA, obj);
* const decrypted = crypto.nacl.box.decrypt(sharedB, encrypted);
* console.log(obj, encrypted, decrypted);
* ```
*
*/
box: {
/**
* @name generateKeyPair
* @category crypto
* @memberof crypto.box
* @returns {object}
* @function
*/
generateKeyPair: function () {
return box.keyPair();
},
/**
* @name box.encrypt
* @category crypto
* @memberof crypto.box
* @param {string} secretOrSharedKey
* @param {object} json
* @param {string} key
* @function
*/
encrypt: function (_a) {
var secretOrSharedKey = _a.secretOrSharedKey, json = _a.json, key = _a.key;
var nonce = this.crypto.nacl.nonce();
var messageUint8 = decodeUTF8(JSON.stringify(json));
var encrypted = key
? box(messageUint8, nonce, key, secretOrSharedKey)
: box.after(messageUint8, nonce, secretOrSharedKey);
var fullMessage = new Uint8Array(nonce.length + encrypted.length);
fullMessage.set(nonce);
fullMessage.set(encrypted, nonce.length);
var base64FullMessage = encodeBase64(fullMessage);
return base64FullMessage;
},
/**
* @name decrypt
* @category crypto
* @memberof crypto.box
* @param {string} secretOrSharedKey
* @param {string} messageWithNonce
* @param {string} key
* @throws {error}
* @returns {string}
* @function
*/
decrypt: function (_a) {
var secretOrSharedKey = _a.secretOrSharedKey, messageWithNonce = _a.messageWithNonce, key = _a.key;
var messageWithNonceAsUint8Array = decodeBase64(messageWithNonce);
var nonce = messageWithNonceAsUint8Array.slice(0, box.nonceLength);
var message = messageWithNonceAsUint8Array.slice(box.nonceLength, messageWithNonce.length);
var decrypted = key
? box.open(message, nonce, key, secretOrSharedKey)
: box.open.after(message, nonce, secretOrSharedKey);
if (!decrypted) {
throw new Error('Could not decrypt message');
}
var base64DecryptedMessage = encodeUTF8(decrypted);
return JSON.parse(base64DecryptedMessage);
}
}
};
export { crypto, keyLength };
//# sourceMappingURL=cryptoPrimitives.esm.js.map
Source